Live Syslog Viewer - View raw packets. This shows the live syslog details, i.e., Source IP, Destination IP, Port and syslog information, provided the interfaces (e.g., eth0) are open. On Linux, the application must be started as the root user. You can apply a filter on Source IP and Port to see the live syslogs received from a particular IP/Port. When you click the Live Syslog Viewer icon, the Firewall Analyzer - Syslog Viewer screen pops up. At the top of the screen, the message 'Receiving Syslog Packets. _ packets received' appears. Below that is a Capture Filter: option with Host IP Address and Port. This capture filter lets you watch the live syslogs from the filtered host and port. In this case, since you clicked from a specific device, that firewall device's information is loaded into the filter by default. The fields of the syslog packets displayed are: Source, Destination, Port, and Message.
Note: If you click Live Syslog Viewer and get the error message 'Unable to open interfaces for listening syslogs', carry out the steps given below:
If the installation is on Linux OS, assign SuperUser permission to fetch the Syslog packets.
If the installation is on Windows OS, execute the PacketCapture.bat file present in the <Firewall Analyzer Home>/bin directory and restart Firewall Analyzer to view the live packets.
Unknown Packet details - The unparsed records are displayed in the table. Unknown packets have been sent to the server. Details such as Device Name, SysLog server, SysLog Port, Record Format, Notification, and Delete are displayed.
There is also a note 'Click here to check your Firewall configuration.'